Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Learn Kali Linux 2019 Perform powerful penetration testing using Kali Linux, Metasploit, Nessus, Nmap, and Wireshark

Product type Paperback

Published in Nov 2019

Publisher

ISBN-13 9781789611809

Length 550 pages

Edition 1st Edition

Languages

C++

Tools

Kali Linux

Concepts

Penetration Testing

Authors (2):

Glen D. Singh

Joshua Crumbaugh

View More author details

Table of Contents (22) Chapters

Preface

1. Section 1: Kali Linux Basics FREE CHAPTER

2. Introduction to Hacking

3. Setting Up Kali - Part 1

4. Setting Up Kali - Part 2

5. Getting Comfortable with Kali Linux 2019

6. Section 2: Reconnaissance

7. Passive Information Gathering

8. Active Information Gathering

9. Section 3: Vulnerability Assessment and Penetration Testing with Kali Linux 2019

10. Working with Vulnerability Scanners

11. Understanding Network Penetration Testing

12. Network Penetration Testing - Pre-Connection Attacks

13. Network Penetration Testing - Gaining Access

14. Network Penetration Testing - Post-Connection Attacks

15. Network Penetration Testing - Detection and Security

16. Client-Side Attacks - Social Engineering

17. Performing Website Penetration Testing

18. Website Penetration Testing - Gaining Access

19. Best Practices

20. Assessments

21. Other Books You May Enjoy

Leave a review - let other readers know what you think

Session hijacking

In this section, we will perform session hijacking on a target machine on our network. To perform this attack, we will combine a few other techniques to ensure that it's successful. Whenever a user visits a website, the web server sends a cookie to the web browser. The cookie is used to monitor the user's activities and provide a better user experience by tracking items in a shopping cart, maintaining persistent login while browsing other areas of a website, and so on.

Session hijacking allows an attacker or penetration tester to capture and take over (hijack) another user's sessions while the victim is logged into a website. Session hijacking allows the penetration tester to capture the session token/key, which is then used to gain unauthorized access to information and resources on a system. For example, capturing the session of a user who is...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (2)

Joshua Crumbaugh

Joshua Crumbaugh is the founder of PeopleSec and experienced penetration tester with an impressive background performing high end security assessments against high profile targets. He is also an expert social engineer who has talked his way into bank vaults, fortune 500 data centers, corporate offices, restricted areas of casinos and more. His experiences highlighted a significant need for a better ""human solution"" -- This led him to a passion in social engineering and better understanding ways to stop social engineering attacks

See other products by Joshua Crumbaugh

Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.

See other products by Glen D. Singh